Lucene search
K

33 matches found

RedHat Linux
RedHat Linux
added 2025/10/07 5:21 p.m.5 views

open-vm-tools: Local privilege escalation in open-vm-tools

A flaw was found in VMWare open-vm-tools. A malicious actor with non-administrative privileges on a guest Virtual Machine VM could exploit this vulnerability to gain root privileges on the VM. The issue lies in the service-discovery plugin logic, which can execute attacker-controlled binaries fro...

7.8CVSS5.8AI score0.0788EPSS
Exploits3References7
RedHat Linux
RedHat Linux
added 2025/10/07 8:7 a.m.5 views

open-vm-tools: Local privilege escalation in open-vm-tools

A flaw was found in VMWare open-vm-tools. A malicious actor with non-administrative privileges on a guest Virtual Machine VM could exploit this vulnerability to gain root privileges on the VM. The issue lies in the service-discovery plugin logic, which can execute attacker-controlled binaries fro...

7.8CVSS5.8AI score0.0788EPSS
Exploits3References7
RedHat Linux
RedHat Linux
added 2025/10/07 7:59 a.m.5 views

open-vm-tools: Local privilege escalation in open-vm-tools

A flaw was found in VMWare open-vm-tools. A malicious actor with non-administrative privileges on a guest Virtual Machine VM could exploit this vulnerability to gain root privileges on the VM. The issue lies in the service-discovery plugin logic, which can execute attacker-controlled binaries fro...

7.8CVSS5.8AI score0.0788EPSS
Exploits3References7
RedHat Linux
RedHat Linux
added 2025/10/07 6:2 a.m.4 views

open-vm-tools: Local privilege escalation in open-vm-tools

A flaw was found in VMWare open-vm-tools. A malicious actor with non-administrative privileges on a guest Virtual Machine VM could exploit this vulnerability to gain root privileges on the VM. The issue lies in the service-discovery plugin logic, which can execute attacker-controlled binaries fro...

7.8CVSS5.8AI score0.0788EPSS
Exploits3References7
EUVD
EUVD
added 2025/10/07 12:30 a.m.8 views

EUVD-2012-6586

Malware in sbrugna...

10CVSS6.4AI score0.01307EPSS
Exploits0References6
Positive Technologies
Positive Technologies
added 2024/10/31 12:0 a.m.4 views

PT-2024-34646 · Nix · Nix

Name of the Vulnerable Software and Affected Versions: Nix versions prior to 2.18.9 Nix versions prior to 2.19.7 Nix versions prior to 2.20.9 Nix versions prior to 2.21.5 Nix versions prior to 2.22.4 Nix versions prior to 2.23.4 Nix versions prior to 2.24.10 Description: The issue concerns the Ni...

1CVSS6.9AI score0.00169EPSS
Exploits0References7
CNNVD
CNNVD
added 2024/10/31 12:0 a.m.4 views

Nix 安全漏洞

Nix is a powerful package manager from the Nix open source. It is used for making packages. Nix has a security vulnerability that stems from built-in builders on macOS that are not executed in the macOS sandbox, resulting in these builders being able to access globally readable paths and globally...

1CVSS6.5AI score0.00169EPSS
Exploits0References2
OSV
OSV
added 2024/04/29 5:15 p.m.3 views

DEBIAN-CVE-2024-32491

An issue was discovered in Znuny and Znuny LTS 6.0.31 through 6.5.7 and Znuny 7.0.1 through 7.0.16 where a logged-in user can upload a file via a manipulated AJAX Request to an arbitrary writable location by traversing paths. Arbitrary code can be executed if this location is publicly available...

9.8CVSS5.6AI score0.00719EPSS
Exploits0References1
OSV
OSV
added 2024/04/29 5:15 p.m.24 views

UBUNTU-CVE-2024-32491

An issue was discovered in Znuny and Znuny LTS 6.0.31 through 6.5.7 and Znuny 7.0.1 through 7.0.16 where a logged-in user can upload a file via a manipulated AJAX Request to an arbitrary writable location by traversing paths. Arbitrary code can be executed if this location is publicly available...

9.8CVSS6AI score0.00719EPSS
Exploits0References3
ATTACKERKB
ATTACKERKB
added 2022/09/02 12:0 a.m.3 views

CVE-2022-31252

A Incorrect Authorization vulnerability in chkstat of SUSE Linux Enterprise Server 12-SP5; openSUSE Leap 15.3, openSUSE Leap 15.4, openSUSE Leap Micro 5.2 did not consider group writable path components, allowing local attackers with access to a group what can write to a location included in the...

4.4CVSS5.8AI score0.00139EPSS
Exploits0References3
Packet Storm
Packet Storm
added 2018/02/09 12:0 a.m.43 views

NetEx HyperIP 6.1.0 Privilege Escalation

KL-001-2018-004 : NetEx HyperIP Privilege Escalation Vulnerability Title: NetEx HyperIP Privilege Escalation Vulnerability Advisory ID: KL-001-2018-004 Publication Date: 2018.02.08 Publication URL: https://www.korelogic.com/Resources/Advisories/KL-001-2018-004.txt 1. Vulnerability Details Affecte...

6.6AI score
Exploits0
KoreLogic Security
KoreLogic Security
added 2018/02/08 12:0 a.m.20 views

NetEx HyperIP Privilege Escalation Vulnerability

Vulnerability Details Affected Vendor: NetEx Affected Product: HyperIP Affected Version: 6.1.0 Platform: Embedded Linux CWE Classification: CWE-592: Authentication Bypass Issues Impact: Privilege Escalation Attack vector: HTTPS 2. Vulnerability Description Privileges can be escalated by abusing...

0.2AI score
Exploits0Affected Software1
Amazon
Amazon
added 2015/05/07 12:0 a.m.37 views

Critical: docker

Issue Overview: The file-descriptor passed by libcontainer to the pid-1 process of a container has been found to be opened prior to performing the chroot, allowing insecure open and symlink traversal. This allows malicious container images to trigger a local privilege escalation. CVE-2015-3627...

7.8CVSS6.6AI score0.00609EPSS
Exploits0
Rows per page
Query Builder